Currently, info within Data Permissions state: “When the Public access is deactivated, all users lose access to the company data and other objects with lookup to Company object”.
That is not fully true in our experience, as that does not apply for any Custom object, even if it also has a lookup to Company object.
What helps is in that case rebuilding rules for each of those objects individually in “Other MDA Objects” tab. However this is a hardly sustainable way to manage permissions in a large setup.
In our case we want to map revenue in a custom object based on region. Users shouldn’t be able to see revenue of a different region in their dashboard. As the amount of attributes, criteria and objects can change and grow, administration will grow exponentially over time.
I wonder if there is a more sustainable and a more automated method of doing this?